漏洞 Vulnerability CVE-2019-19268：rConfig 3.9.2本地提权 https://github.com/TheCyberGeek/CVE-2019-19268 安全工具 Security Tools AIEngine-AI驱动的网络入侵检测系统 https://www.darknet.org.uk/2019/11/aiengine-ai-driven-network-intrusion-detection-system/?utm_source=feedly&utm_medium=webfeeds 安全资讯 Security Information Whats App恶意的GIF导致远程代码执行漏洞仍然影响多个移动应用程序 https://blog.trendmicro.com/trendlabs-security-intelligence/patched-gif-processing-vulnerability-cve-2019-11932-still-afflicts-multiple-mobile-apps/ 安全研究 Security Research JWT安全浅析 https://research.securitum.com/jwt-json-web-token-security/ Forticlient / FortiGate中用于FortiGuard Web过滤器云查找的XOR“加密”，泄漏了Web浏览活动的完整HTTP URL https://sec-consult.com/en/blog/advisories/weak-encryption-cipher-and-hardcoded-cryptographic-keys-in-fortinet-products/ Linksys Velop 家用 WiFi 认证绕过漏洞 https://puzzor.github.io/Linksys-Velop-Authentication-bypass 攻击FreeIPA-Part1-认证 https://posts.specterops.io/attacking-freeipa-part-i-authentication-77e73d837d6a